Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/D4E1388A2F8A11EEA59DA358C4F9AE02.roa
File: D4E1388A2F8A11EEA59DA358C4F9AE02.roa (raw, json)
Hash identifier: 2FXj0OIT+96fs5pTNVqbBghGdAnH4rKBbXqSIuIyoPM=
Subject key identifier: CB:B7:CB:27:AB:38:A3:CF:9A:62:0A:BF:C8:3C:46:1E:81:A2:80:3A
Certificate issuer: /CN=A9162EE1/serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Certificate serial: 02A7
Authority key identifier: 60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/D4E1388A2F8A11EEA59DA358C4F9AE02.roa
Signing time: Sat 07 Oct 2023 02:23:39 +0000
ROA not before: Sat 07 Oct 2023 02:23:39 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 147049
IP address blocks: 103.173.150.0/23 maxlen: 23
2407:e8c0::/48 maxlen: 48
2407:e8c0:1::/48 maxlen: 48
2407:e8c0:2::/48 maxlen: 48
2407:e8c0:3::/48 maxlen: 48
2407:e8c0:4::/48 maxlen: 48
2407:e8c0:5::/48 maxlen: 48
2407:e8c0:6::/48 maxlen: 48
2407:e8c0:7::/48 maxlen: 48
2407:e8c0:8::/48 maxlen: 48
2407:e8c0:9::/48 maxlen: 48
2407:e8c0:a::/48 maxlen: 48
2407:e8c0:b::/48 maxlen: 48
2407:e8c0:c::/48 maxlen: 48
2407:e8c0:d::/48 maxlen: 48
2407:e8c0:e::/48 maxlen: 48
2407:e8c0:f::/48 maxlen: 48
2407:e8c0:4a00::/40 maxlen: 40
2407:e8c0:4b00::/40 maxlen: 40
2407:e8c0:4c00::/40 maxlen: 40
2407:e8c0:4d00::/40 maxlen: 40
2407:e8c0:4e00::/40 maxlen: 40
2407:e8c0:4f00::/40 maxlen: 40
2407:e8c0:5000::/40 maxlen: 40
2407:e8c0:5100::/40 maxlen: 40
2407:e8c0:5200::/40 maxlen: 40
2407:e8c0:5300::/40 maxlen: 40
2407:e8c0:5400::/40 maxlen: 40
2407:e8c0:5500::/40 maxlen: 40
2407:e8c0:5600::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 28 May 2024 02:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 679 (0x2a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162EE1/serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Validity
Not Before: Oct 7 02:23:39 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6520c12b-0ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:35:fd:3a:18:10:8f:1e:9b:47:6b:5e:06:c4:
3b:c0:44:8c:74:fa:6a:2d:c1:af:19:4b:9d:15:24:
c0:de:78:8a:0a:b8:10:86:00:38:a9:09:13:ea:d5:
8e:4f:a8:43:18:46:b7:e9:b1:50:72:7d:da:56:fc:
50:5e:e6:99:84:99:17:96:9f:80:ce:d8:7c:73:7d:
a7:03:54:13:a5:d1:ae:72:cb:31:65:ff:40:59:f5:
04:10:f4:38:f5:9e:5f:1e:5d:5b:41:4c:cd:a9:cc:
09:21:1e:f3:d6:a5:ac:96:ae:c3:bb:18:c6:a7:31:
5d:a8:6e:74:1c:49:be:9d:f1:4b:be:53:50:22:7c:
7a:7b:76:7a:30:08:3a:79:ee:1a:c4:ab:e0:f7:2c:
8d:a0:a6:68:f8:d1:14:23:13:bf:34:9f:55:2e:d5:
60:8e:6a:ed:04:ae:ac:8a:95:8a:1f:3b:9c:64:fd:
d3:c4:c1:62:09:23:b8:5f:39:cd:fe:ec:c9:de:53:
14:87:7e:82:0c:67:5e:83:79:af:88:6e:61:74:15:
74:26:e1:fc:92:63:2c:bb:7a:fd:3c:4e:a1:ab:3c:
cc:e1:83:a9:0b:a6:17:b1:74:c8:7d:a2:47:d3:c9:
c8:46:db:06:28:82:89:ee:33:d1:50:94:8a:28:60:
fb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:B7:CB:27:AB:38:A3:CF:9A:62:0A:BF:C8:3C:46:1E:81:A2:80:3A
X509v3 Authority Key Identifier:
keyid:60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/D4E1388A2F8A11EEA59DA358C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.173.150.0/23
IPv6:
2407:e8c0::/44
2407:e8c0:4a00::-2407:e8c0:56ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
30:66:a4:c0:a0:01:46:c7:53:3e:72:3b:19:c9:bb:3e:71:d5:
c0:c0:5f:5d:1e:8b:b9:37:27:08:55:34:c2:fa:04:d5:39:2d:
29:f1:c4:88:6f:4b:df:11:ae:25:53:7f:78:3d:2e:0b:e4:7e:
c0:ea:25:39:6a:89:5a:1a:51:c6:04:3e:39:55:79:69:15:89:
75:e3:60:c4:08:85:a3:43:ca:30:30:62:e9:96:25:79:8b:1e:
f2:c9:8a:2e:53:e6:b1:f7:41:8c:94:72:3a:83:c8:0a:86:c2:
59:41:af:a2:11:c6:6f:ef:cd:4a:af:07:a4:60:c5:f0:c7:96:
ab:79:39:e7:a1:9e:11:b1:6b:4f:18:b7:40:02:8f:e8:7d:9d:
e8:bf:a1:e1:e2:d9:82:33:e2:12:64:e2:43:82:45:23:4f:9b:
ba:2d:a2:f1:54:96:a9:1f:bd:fd:fc:89:b6:19:f2:3f:12:5c:
fa:45:e8:18:07:b0:fe:9c:84:68:cf:0d:b1:25:65:80:6b:17:
8d:ee:9f:07:42:07:0e:4a:19:9b:0b:02:a1:64:59:7a:8b:fc:
6a:f1:b3:b7:a6:81:7c:1a:bc:65:be:28:48:59:ec:6f:4c:1c:
35:00:89:6b:3d:23:74:4b:97:69:11:70:0d:4d:95:04:ba:1a:
3e:df:c8:13
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICAqcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjJFRTExMTAvBgNVBAUTKDYwNzZCRDBCQTREQjc5N0E3MkE2OEZFRkY5QkZCNTU4
QzQ0Mzk4QjIwHhcNMjMxMDA3MDIyMzM5WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTIwYzEyYi0wZWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuzX9OhgQjx6bR2teBsQ7wESMdPpqLcGvGUudFSTA3niKCrgQhgA4qQkT6tWO
T6hDGEa36bFQcn3aVvxQXuaZhJkXlp+Azth8c32nA1QTpdGucssxZf9AWfUEEPQ4
9Z5fHl1bQUzNqcwJIR7z1qWslq7DuxjGpzFdqG50HEm+nfFLvlNQInx6e3Z6MAg6
ee4axKvg9yyNoKZo+NEUIxO/NJ9VLtVgjmrtBK6sipWKHzucZP3TxMFiCSO4XznN
/uzJ3lMUh36CDGdeg3mviG5hdBV0JuH8kmMsu3r9PE6hqzzM4YOpC6YXsXTIfaJH
08nIRtsGKIKJ7jPRUJSKKGD76QIDAQABo4ICuDCCArQwHQYDVR0OBBYEFMu3yyer
OKPPmmIKv8g8Rh6BooA6MB8GA1UdIwQYMBaAFGB2vQuk23l6cqaP7/m/tVjEQ5iy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MkVFMS83NTJENDJFODhG
RDIxMUVDOTQ4QTkzN0VDNEY5QUUwMi9ZSGE5QzZUYmVYcHlwb192LWItMVdNUkRt
TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lIYTlDNlRiZVhweXBvX3YtYi0xV01SRG1MSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjJFRTEvNzUyRDQyRTg4RkQyMTFFQzk0OEE5MzdFQzRGOUFFMDIvRDRFMTM4OEEy
RjhBMTFFRUE1OURBMzU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E
MzAxMAwEAgABMAYDBAFnrZYwIQQCAAIwGwMHBCQH6MAAADAQAwYBJAfowEoDBgAk
B+jAVjANBgkqhkiG9w0BAQsFAAOCAQEAMGakwKABRsdTPnI7Gcm7PnHVwMBfXR6L
uTcnCFU0wvoE1TktKfHEiG9L3xGuJVN/eD0uC+R+wOolOWqJWhpRxgQ+OVV5aRWJ
deNgxAiFo0PKMDBi6ZYleYse8smKLlPmsfdBjJRyOoPICobCWUGvohHGb+/NSq8H
pGDF8MeWq3k556GeEbFrTxi3QAKP6H2d6L+h4eLZgjPiEmTiQ4JFI0+bui2i8VSW
qR+9/fyJthnyPxJc+kXoGAew/pyEaM8NsSVlgGsXje6fB0IHDkoZmwsCoWRZeov8
avGzt6aBfBq8Zb4oSFnsb0wcNQCJaz0jdEuXaRFwDU2VBLoaPt/IEw==
-----END CERTIFICATE-----
Generated at Tue May 21 04:39:43 2024 by rpki-client on console-ams.rpki-client.org